We will build a simple RESTful CRUD API using Laravel 12. For authentication we will use Laravel Sanctum, which is well suited to lightweight projects such as a backend for a mobile app or a Vue/React-based frontend.
What we will learn:
Post
Make sure you have PHP >= 8.2 and Composer installed.
    composer create-project laravel/laravel laravel-api
Go into the project folder:
    cd laravel-api

    composer require laravel/sanctum
Publish the Sanctum config and migration:
    php artisan vendor:publish --provider="Laravel\Sanctum\SanctumServiceProvider"
Then migrate the database:
    php artisan migrate
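Edit the file app/Http/Kernel.php, in the 'api' section:
    'api' => [
        \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
        'throttle:api',
        \Illuminate\Routing\Middleware\SubstituteBindings::class,
    ],
Note that the default application skeleton from Laravel 11 onward no longer contains app/Http/Kernel.php or routes/api.php: there, php artisan install:api installs Sanctum and creates routes/api.php, and middleware is configured in bootstrap/app.php.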
In app/Models/User.php, add the trait:
    use Laravel\Sanctum\HasApiTokens;

    class User extends Authenticatable
    {
        use HasApiTokens, HasFactory, Notifiable;
        ...
    }
We will create an AuthController:
    php artisan make:controller API/AuthController
Contents of app/Http/Controllers/API/AuthController.php:
    <?php

    namespace App\Http\Controllers\API;

    use App\Http\Controllers\Controller;
    use App\Models\User;
    use Illuminate\Support\Facades\Hash;
    use Illuminate\Http\Request;

    class AuthController extends Controller
    {
        // Create an account and return a Sanctum token for it.
        public function register(Request $request)
        {
            $data = $request->validate([
                'name' => 'required',
                'email' => 'required|email|unique:users',
                'password' => 'required|min:6'
            ]);

            $user = User::create([
                'name' => $data['name'],
                'email' => $data['email'],
                'password' => Hash::make($data['password'])
            ]);

            // plainTextToken is only available here; the database stores a hash of it.
            $token = $user->createToken('api-token')->plainTextToken;

            return response()->json(['token' => $token], 201);
        }

        // Check the credentials and issue a new token.
        public function login(Request $request)
        {
            $data = $request->validate([
                'email' => 'required|email',
                'password' => 'required'
            ]);

            $user = User::where('email', $data['email'])->first();

            // Same response for an unknown email and a wrong password.
            if (! $user || ! Hash::check($data['password'], $user->password)) {
                return response()->json(['message' => 'Email atau password salah'], 401);
            }

            $token = $user->createToken('api-token')->plainTextToken;

            return response()->json(['token' => $token]);
        }

        // Revoke only the token that authenticated this request.
        public function logout(Request $request)
        {
            $request->user()->currentAccessToken()->delete();

            return response()->json(['message' => 'Berhasil logout']);
        }
    }
Add the routes to routes/api.php:
    use App\Http\Controllers\API\AuthController;

    Route::post('/register', [AuthController::class, 'register']);
    Route::post('/login', [AuthController::class, 'login']);
    Route::post('/logout', [AuthController::class, 'logout'])->middleware('auth:sanctum');
Post
    php artisan make:model Post -m
Edit the migration file at database/migrations/..._create_posts_table.php:
    Schema::create('posts', function (Blueprint $table) {
        $table->id();
        $table->foreignId('user_id')->constrained()->onDelete('cascade');
        $table->string('title');
        $table->text('content');
        $table->timestamps();
    });
Then run the migration:
    php artisan migrate
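In User.php:
    public function posts()
    {
        return $this->hasMany(Post::class);
    }
In Post.php:
    // Allow mass assignment of these fields; the controller passes
    // validated request data to create() and update().
    protected $fillable = ['title', 'content'];

    public function user()
    {
        return $this->belongsTo(User::class);
    }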
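
    php artisan make:controller API/PostController --api
Contents of PostController.php:
    <?php

    namespace App\Http\Controllers\API;

    use App\Http\Controllers\Controller;
    use App\Models\Post;
    use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
    use Illuminate\Http\Request;

    class PostController extends Controller
    {
        // The base controller in Laravel 11 and later no longer includes
        // this trait; $this->authorize() below needs it.
        use AuthorizesRequests;

        // List all posts together with their authors.
        public function index()
        {
            return Post::with('user')->get();
        }

        // Create a post owned by the authenticated user.
        public function store(Request $request)
        {
            $data = $request->validate([
                'title' => 'required',
                'content' => 'required',
            ]);

            $post = $request->user()->posts()->create($data);

            return response()->json($post, 201);
        }

        public function show(Post $post)
        {
            return $post;
        }

        public function update(Request $request, Post $post)
        {
            // Denied with 403 unless a Post policy's update() allows this user.
            $this->authorize('update', $post);

            $data = $request->validate([
                'title' => 'string',
                'content' => 'string',
            ]);

            $post->update($data);

            return response()->json($post);
        }

        public function destroy(Post $post)
        {
            // Denied with 403 unless a Post policy's delete() allows this user.
            $this->authorize('delete', $post);

            $post->delete();

            return response()->json(['message' => 'Post deleted']);
        }
    }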

    // routes/api.php
    use App\Http\Controllers\API\PostController;

    // All post routes require a valid Sanctum token.
    Route::middleware('auth:sanctum')->group(function () {
        Route::apiResource('posts', PostController::class);
    });
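The controller above calls authorize('update', $post) and authorize('delete', $post), but the page never defines the policy those calls consult, so as written no update or delete can succeed. An ownership policy and a feature test for it follow, added here as an example that is not part of the original tutorial. Assumptions: the controller can call authorize() (the AuthorizesRequests trait), Post allows mass assignment of title and content, and the two files are shown in one listing with their paths in comments.

```php
<?php
// ---- File 1: app/Policies/PostPolicy.php (auto-discovered for App\Models\Post) ----
namespace App\Policies;

use App\Models\Post;
use App\Models\User;

class PostPolicy
{
    // Consulted by authorize('update', $post): only the author may edit.
    public function update(User $user, Post $post): bool
    {
        return $user->id === $post->user_id;
    }

    // Consulted by authorize('delete', $post): only the author may delete.
    public function delete(User $user, Post $post): bool
    {
        return $user->id === $post->user_id;
    }
}

// ---- File 2: tests/Feature/PostAuthorizationTest.php (run: php artisan test) ----
namespace Tests\Feature;

use App\Models\{Post, User};
use Illuminate\Foundation\Testing\RefreshDatabase;
use Laravel\Sanctum\Sanctum;
use Tests\TestCase;

class PostAuthorizationTest extends TestCase
{
    use RefreshDatabase;

    public function test_only_the_owner_can_update_or_delete_a_post(): void
    {
        [$owner, $other] = User::factory()->count(2)->create()->all();
        // Constructed sample row; forceCreate() skips the $fillable check.
        $post = Post::forceCreate(['user_id' => $owner->id, 'title' => 'Original', 'content' => 'Body']);

        Sanctum::actingAs($other); // authenticated, but not the owner
        $this->putJson("/api/posts/{$post->id}", ['title' => 'Changed'])->assertForbidden();
        $this->deleteJson("/api/posts/{$post->id}")->assertForbidden();
        $this->assertSame('Original', $post->fresh()->title);

        Sanctum::actingAs($owner); // the owner is allowed
        $this->putJson("/api/posts/{$post->id}", ['title' => 'Edited'])->assertOk();
        $this->deleteJson("/api/posts/{$post->id}")->assertOk();
        $this->assertDatabaseMissing('posts', ['id' => $post->id]);
    }
}
```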
Use Postman or a REST client to test the API:
    POST /api/register → to register
    POST /api/login → to get a token
    Authorization: Bearer <token> → for CRUD requests
    GET /api/posts, POST /api/posts, and so on
You now have a RESTful API that is secure and ready to use! Laravel Sanctum provides a lightweight and easy way to manage API authentication, and you now know how to build complete CRUD operations, from login through delete.
Next steps? You could move on to pagination, more complex validation, or automated testing. Keep learning and exploring Laravel in more depth!